<?php
include('connect_db.php');
/*if logged in, redirect to homepage */
if (!checkLoggedin())
{
	header('Location: login.php');
}


$query = "SELECT * FROM users WHERE id = " . $_SESSION['id'];
$me = mysql_fetch_array(mysql_query($query));

?>
<?php include('templates/main/header.php'); ?>

    <div id="body">
		<div id="content" class="right_sidebar">
		<div id="editaccount">
		<hr>
		<h1>Edit Account</h1>
		<hr>
		<br />
		<br />

		
		<form action="editaccount_2.php" method="post" accept-charset="utf-8" enctype="multipart/form-data">
		
		<label class="pic">
			Profile:<br>
			<img border="1px" src="uploads/
				<?php
					if (file_exists("uploads/" . md5($_SESSION['id'].$_SESSION['username']).'.png'))
				    {
				      echo md5($_SESSION['id'].$_SESSION['username']);
				    }
				    else
				    {
				      echo 'zombie';
				    }
					
				?>
			.png" width="151" height="151">
		</label>
		
		<label>
			First name*:
			<input name="firstname" value= <?php echo '"'.$me['firstname'].'"' ?> type="text">
		</label>

		<label>
			Last name*:
			<input name="lastname" value= <?php echo '"'.$me['lastname'].'"' ?> type="text">
		</label>
		
		<label class="up-pic">
			Picture(png):
			<br />
			<input type="file" name="file" id="file"><br>
		</label>

		<input name="" value="Update" type="submit">
		</form>
		</div>
	</div>
	</div>

<?php include('templates/main/footer.php'); ?> 